Question I got a warning telling me that "You are currently using the RemoteFX 3D Video Adapter" and I don't use anything that requires a remote GPU

Sharcs

Honorable
Dec 5, 2013
47
0
10,540
I just received a warning telling me this:

"You are currently using the RemoteFX 3D Video Adapter. We no longer support this adapter and continued use may expose your machine to security risks."

Here's the screenshot:
lRWfjgi.jpg


The thing is, I do not use any virtual machines and never connect with other machines directly e.g. while using Team Viewer.

Is this something that I need to worry about? Is this malware or maybe a bitcoin miner?
 

joshieecs

Prominent
Aug 27, 2020
4
0
510
I got the same error just now. I do not use any Hyper-V machines, let alone any with RemoteFX GPUs. I have WSL v2 and Windows Sandbox and Windows Defender Application Guard features enabled, which rely on Hyper-V services, so maybe that prompted the message. (Though none of it was running when the message popped up.) I also just installed KB4571744 as part of Insider's Release Preview channel, on Education edition.

I know they have been working on deprecating RemoteFX for a while now. The message itself is not surprising, only that it randomly popped up. But if it's happening to other people, I would not be too worried about malware, and chalk it up to an update quirk.

I know Sandbox and WDAG have some capability for GPU acceleration, don't know if it's based on RemoteFX. It would be silly to deprecate a feature for security reasons (namely escaping the sandbox), but then use in apps specifically intended to provide secure sandbox environments.
 
Last edited:

intejer

Prominent
Aug 27, 2020
2
0
510
i got this error just now, googled it and ended up here. i'm on Windows 10 Pro, version 2004, OS build 19041.450

i don't use any virtual machines either, and i had never even heard of RemoteFX.

thanks for posting! i feel slightly less paranoid now.
 
Dec 25, 2020
1
1
15
"You are currently using the RemoteFX 3D Video Adapter. We no longer support this adapter and continued use may expose your machine to security risks."

Recently, I have also noticed this popup appear after starting Windows Sandbox. You can use PowerShell to disable the RemoteFX 3D Video Adapter in Windows 10. Windows Sandbox will still work after the RemoteFX 3D Video Adapter is disabled.

First, you'll need to get the Adapter name:
PS C:\Windows\system32> Get-VMRemoteFXPhysicalVideoAdapter
Id : pci#ven_99zz&dev_ffff&subsys_99999999&rev_z9#f&fffffff&f&99999999
Name : NVIDIA GeForce GTX 1070
GPUID : 9999_9999_999999999_999
TotalVideoMemory : 99999999999
AvailableVideoMemory : 99999999999
DedicatedSystemMemory : 0
DedicatedVideoMemory : 9999999999
SharedSystemMemory : 99999999999
Enabled : True
CompatibleForVirtualization : True
DirectXVersion : M.m
PixelShaderVersion : M.m
DriverProvider : NVIDIA
DriverDate : YYYY-MM-DD HH: mm: ssZ
DriverInstalledDate : YYYY-MM-DD HH: mm: ssZ
DriverVersion : M.m.p.b
DriverModelVersion : M.m
CimSession : CimSession: .
ComputerName : AZaz09
IsDeleted : False

Then you can disable VM Remote FX for the Adapter of that name:
PS C:\Windows\system32> Disable-VMRemoteFXPhysicalVideoAdapter -Name "NVIDIA GeForce GTX 1070"

Both commands may also return an information warning, similar to the popup:
WARNING: We no longer support the RemoteFX 3D video adapter. If you are still using this adapter, you may become vulnerable to security risks. Learn more (https://go.microsoft.com/fwlink/?linkid=2131976)

Acknowledgement: I found the how-to description in this post by Boppity Bop on StackExchange:
 
  • Like
Reactions: joshieecs

joshieecs

Prominent
Aug 27, 2020
4
0
510
The beauty of Powershell is that you don't even need to get the Name. It looks like a lot of text properties, but it's actually highly structured data.
So you can just feed the output of the Get- command as input to the Disable- command with the pipeline operator. Just copy and paste one line:

Get-VMRemoteFxPhysicalVideoAdapter | Disable-VMRemoteFXPhysicalVideoAdapter

And that would work in one elegant command for multiple RemoteFX adapters just as easily as one.
If you just want to check the Enabled property is set to false, another one-liner.

Get-VMRemoteFXPhysicalVideoAdapter | select Enabled

Or even more succinctly:

(Get-VMRemoteFXPhysicalVideoAdapter).Enabled

Of course this no guarantee that whatever was using won't just re-enable them. That is as simple as running the first command starting with "Enable-" instead of "Disable-". And in fact, if you have a use case where a RemoteFX vGpu is actually running on your system, you will probably want to keep it enabled, because the only alternative we mere mortals have with Hyper-V is pure software rendering, which an order of magnitude slower than the RemoteFX vGPU. Microsoft has some kind of new GPU sharing

Completely bone-headed of whatever engineer at Microsoft decided to program that message box in the first place. Let alone the fact it malfunctions and just pops up at random, and with error text that gives no clue what is wrong, and vaguely insinuates their security may have been compromised. Let alone the fact there is really nothing the user can do to fix it. The real fix would be to remove the popup. Anyone with a use case to be intentionally using RemoteFX probably understand the security implications and can mitiage them. And if someone is using it unintentionally, then they have no clue what the message is about, and no way to fix the problem.